©2016-2024 Matools All rights reserved,
粤ICP备17059708号
首先需要导jar包!
<>
<>配置你自己的web.xml
CharacterEncodingFilter
org.springframework.web.filter.CharacterEncodingFilter encoding utf-8
forceEncoding true CharacterEncodingFilter /* shiroFilter
org.springframework.web.filter.DelegatingFilterProxy targetFilterLifecycle true
targetBeanName shiroFilter shiroFilter /* DispatcherServlet
org.springframework.web.servlet.DispatcherServlet contextConfigLocation
classpath:springmvc.xml 1 DispatcherServlet /
org.springframework.web.context.ContextLoaderListener contextConfigLocation
classpath:spring.xml
<>接下来创建一个spring-shiro.xml,我是自己这样写的,你们写的啥自己看看
<?xml version="1.0" encoding="UTF-8"?>
/user/toLogin** = anon
<aop:config proxy-target-class=“true” ></aop:config>
redirect:/user/toNopermission
<>对了,你们springmvc.xml中还需要添加一段配置,如下:
<>
<>我自己定义的realm类叫userRealm
package com.youzhong.realm;
import com.youzhong.dao.UserMapper;
import com.youzhong.entity.User;
import com.youzhong.entity.UserExample;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.ArrayList;
import java.util.List;
public class UserRealm extends AuthorizingRealm {
@Autowired public UserMapper userMapper; @Override public String getName() {
return "UserRealm"; } @Override protected AuthorizationInfo
doGetAuthorizationInfo(PrincipalCollection principalCollection) { User user =
(User) principalCollection.getPrimaryPrincipal(); ArrayList<String> permissions
= new ArrayList<>(); if(user.getStatus().equals("admin")){
permissions.add("*:*"); }else if(user.getStatus().equals("error")){
permissions.add("*:select"); }else if(user.getStatus().equals("ok")){
permissions.add("*:edit"); } SimpleAuthorizationInfo info = new
SimpleAuthorizationInfo(); info.addStringPermissions(permissions); return info;
} @Override protected AuthenticationInfo
doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws
AuthenticationException { String username = (String)
authenticationToken.getPrincipal(); UserExample userExample = new
UserExample(); userExample.createCriteria().andUsernameEqualTo(username);
List<User> users = userMapper.selectByExample(userExample); if(users.size()>0
){ return new
SimpleAuthenticationInfo(users.get(0),users.get(0).getPassword(),getName()); }
return null; }
}
<>注意我这只是模拟,并不是企业级项目,只是搭建,这是我的ajax登陆!
package com.youzhong.controller;
import com.youzhong.entity.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
@Controller
@RequestMapping(“user”)
public class UserController {
@RequestMapping("toLogin") public String toLogin() { return "user/login"; }
@RequestMapping(value = "toLoginVerify") @ResponseBody public String login(User
user, HttpServletRequest req) { UsernamePasswordToken token = new
UsernamePasswordToken(user.getUsername(), user.getPassword()); Subject subject
= SecurityUtils.getSubject(); try { subject.login(token); } catch
(UnknownAccountException ex) { return "u1"; } catch
(IncorrectCredentialsException ex) { return "i1"; } catch
(AuthenticationException e) { return "a1"; } return "ok"; }
@RequestMapping("logout") public String logout(){ Subject subject =
SecurityUtils.getSubject(); subject.logout(); return "user/login"; }
@RequestMapping("toNopermission") public String toNopermission(){ return
"no/nopermission"; }
<>}
<>login页面,这是我写的用的easyui
<%–
Created by IntelliJ IDEA.
User: 你好!
Date: 2019/4/9
Time: 16:11
To change this template use File | Settings | File Templates.
–%>
<%@ page contentType=“text/html;charset=UTF-8” language=“java” %>
<%@ include file="/static/taglib.jsp"%>
Title
-1
热门工具 换一换